cfauthenticate

[sally]

Please advise on creating user login which redirects users of different permission levels to different sections of the website.

I've got the login authentication down, but I don't know how to redirect based on database permission level. Is it all part of the same query or do you create two separate ones within the LoginAction page?

 

[GunJack]

Hi Sally,

I'm assuming you have a field in your user's record that contains a permission level like '1', '2', etc.. If so, you could then authenticate the user with a query like "select * from users where username = '#username#' and password = '#pass#'.

Your query results would then contain the permission level and you could re-direct like this:

<cfquery name=&quot;userInfo&quot; datasource=..>
select * from users where username = '#username#' and password = '#pass#
</cfquery>

<!---- Put any other code to set session information here --->

<cflocation url=&quot;NewPage#userInfo.PermLevel#.cfm&quot;>

You would then create a page called &quot;NewPage1.cfm&quot;, &quot;NewPage2.cfm&quot;, etc.. for each permission level. This is assuming your permission field is called &quot;PermLevel&quot;. If the login fails, &quot;NewPage#userInfo.PermLevel#&quot; evaluates to &quot;NewPage.cfm which could contain a login failed message.

There are a lot of ways to achieve what you want but this is just a simple suggestion based on how I assume you have things setup. I would recommend using cfincludes instead of re-directs as they provide very similar functionality and they won't cause problems with setting new cookies as <cflocation> tags do.

Hope this helps,
GJ

 

[imstillatwork]

Grab the book Instant Cold Fusion 5. They walk you through a good security system with user groups and all that. and show you how to set up the scheme of it all.

kevin